<?php
$touserarr=array('1103698304@qq.com','613154514@qq.com');//发送邮件给谁
//判断文件大小
$filesize=filesize("index.php");
//if($filesize>=5000){ //超过某个值，确定被黑，发送邮件并且用index_copy.php替换回来
if($filesize>=50){ //超过某个值，确定被黑，发送邮件并且用index_copy.php替换回来
	if(copy("index_copy.php","index.php")){
		@logRes("copy ok",$touserarr,'1');
		echo 'copy ok';
	}else{
		@logRes("copy  failed",$touserarr,'0');
		echo 'copy  failed';
	}	
}




/*************************************核心函数区域************************************/
 //系统函数
	function curlPost($url,$data){
    $ch = curl_init();
    //curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //Problem (2) in the Chunked-Encoded data
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
    curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)');
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
    @curl_setopt($ch, CURLOPT_SAFE_UPLOAD, false);  //php5.6.0开始，需要加上这行代码方可上传，否则取不到文件
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $tmpInfo = curl_exec($ch);
    $errorno = curl_errno($ch);

    if ($errorno) {
        $rt['sta'] = "0";
        $rt['msg'] = "curl错误：".$errorno;
        echo  json_encode($rt);die;
    }

    return $tmpInfo;
	} 
	
	
/**
 * 文本记录函数
 * @param string $word 输入记录的值
 */
function logRes($word = '',$touserarr,$ok)
{
    $logname = "./logshell/" . @date("Ymd") . ".txt";
    $fp = fopen($logname, "a");
    flock($fp, LOCK_EX);
    $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
    $fullurl=$protocol.$_SERVER['SERVER_NAME'].':'.$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"]; 
	$from="	HTTP_REFERER:".$_SERVER["HTTP_REFERER"]."	REMOTE_ADDR:".$_SERVER['REMOTE_ADDR']."  HTTP_CLIENT_IP:".$_SERVER['HTTP_CLIENT_IP']."	HTTP_X_FORWARDER_FOR:".$_SERVER['HTTP_X_FORWARDED_FOR']."	HTTP_USER_AGENT:".$_SERVER['HTTP_USER_AGENT']."	TEST:".$_SERVER['HTTP_TEST']."	FULLURL:".$fullurl;
    fwrite($fp, "执行日期：" . @strftime("%Y-%m-%d %H:%M:%S", @time()) .$from."\r\n" . $word . "\r\n");
    flock($fp, LOCK_UN);
    fclose($fp);
	//sendmail
	foreach ($touserarr as $touser){
		$state=$ok?'成功':'失败';
		//发送邮件
		$data['html']="检测到站点<br/>http://".$_SERVER['HTTP_HOST']."/index.php<br/>被篡改！程序自动修复<font color=red>".$state."</font><br/><a href='http://".$_SERVER['HTTP_HOST']."/index.php'>点击查看状态</a>from==>".$from;
		$url = "http://phpmailer.wlphp.com/sendmail_api.php?&recipient=$touser";
		$rs=curlPost($url,$data);
	}		
}		
	
	